exploit the possibilities
Showing 1 - 18 of 18 RSS Feed

Files Date: 2013-06-04

gpEasy CMS 4.0 Shell Upload
Posted Jun 4, 2013
Authored by CWH Underground

gpEasy CMS version 4.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 1f597b57af97e39381dbebcdfc39621a
VxWorks R5_0_31 Data Disclosure
Posted Jun 4, 2013
Authored by Russell Butturini

The 3Com NBX V3000 phone system firmware was found to have the VxWorks remote debug service enabled. This allows for remotely extracting the contents of device memory over the network. When parsing the contents of memory, it was discovered that the call logs for the system as well as URLs which linked to WAV files containing voice mails that were accessible.

tags | exploit, remote, info disclosure
MD5 | 0eefa790a17dcbc192442a4f391eecf8
Libsrtp srtp_protect/hmac_compute Buffer Overflow
Posted Jun 4, 2013
Authored by Fernando Russ | Site groundworkstech.com

There is a buffer overflow in libsrtp based on how the function crypto_policy_set_from_profile_for_rtp applies the cryptographic profiles srtp_profile_aes128_cm_sha1_32/srtp_profile_aes256_cm_sha1_32 to a srtp_policy, as shown by the source code of srtp/srtp.c.

tags | advisory, overflow
MD5 | 562e3ba8665eddd7bf120b93f20df584
Monkey 1.2.0 Buffer Overflow
Posted Jun 4, 2013
Authored by dougtko

Monkey HTTPD version 1.2.0 suffers from a buffer overflow vulnerability that may result in arbitrary code execution or denial of service.

tags | exploit, denial of service, overflow, arbitrary, code execution
advisories | CVE-2013-3843
MD5 | 9a944434f83c9c0a6ef17d8ed052c9e6
Cuppa CMS Remote / Local File Inclusion
Posted Jun 4, 2013
Authored by CWH Underground

Cuppa CMS suffers from remote and local file inclusion vulnerabilities.

tags | exploit, remote, local, vulnerability, code execution, file inclusion
MD5 | 7b18ed2a448a832d88bcac0be57cdbc1
CMS Gratis Indonesia PHP Code Injection
Posted Jun 4, 2013
Authored by CWH Underground

CMS Gratis Indonesia version 2.2 Beta 1 suffers from a remote PHP code injection vulnerability.

tags | exploit, remote, php
MD5 | b6e493856de0696e4d0d5a56b5e4d682
aCMS 1.0 Shell Upload / Insufficient Authorization
Posted Jun 4, 2013
Authored by MustLive

aCMS version 1.0 suffers from authentication bypass and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability
MD5 | 6be3090901a2773910b1a5b74a621fa2
Dotclear 2.5 Cross Site Scripting
Posted Jun 4, 2013
Authored by Nikhalesh Singh Bhadoria

Dotclear version 2.5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | fa217a6bd85ed191dfb7e8c8c16bea64
Cisco Iframe Injection
Posted Jun 4, 2013
Authored by Vinesh Redkar

The newsroom.cisco.com site suffers from an iframe injection vulnerability.

tags | exploit
systems | cisco
MD5 | 410599767ad5010015ec6f106dbb4bea
SweetRice CMS 1.2.5 Cross Site Scripting
Posted Jun 4, 2013
Authored by Nikhalesh Singh Bhadoria

SweetRice CMS version 1.2.5 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 13862fbb7f2d29f2d8716703bd7fbb26
Generating Stable Privacy-Enhanced Addresses With IPv6
Posted Jun 4, 2013
Authored by Fernando Gont | Site ietf.org

This document specifies a method for generating IPv6 Interface Identifiers to be used with IPv6 Stateless Address Autoconfiguration (SLAAC), such that addresses configured using this method are stable within each subnet, but the Interface Identifier changes when hosts move from one network to another. This method is meant to be an alternative to generating Interface Identifiers based on hardware address (e.g., using IEEE identifiers), such that the benefits of stable addresses can be achieved without sacrificing the privacy of users. The method specified in this document applies to all prefixes a host may be employing, including link-local, global, and unique- local addresses.

Changes: Revision 9 of this document.
tags | paper, local
MD5 | ae070a249f63b43911cdd8f7fed8eded
Pixelpost 1.7.3 Cross Site Scripting
Posted Jun 4, 2013
Authored by Nikhalesh Singh Bhadoria

Pixelpost version 1.7.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | f80aa1450236a9c92d0bb24f74fba5ab
PEStudio 3.69 Denial Of Service
Posted Jun 4, 2013
Authored by Debasish Mandal

PEStudio version 3.69 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | 042a9b05ee62dee500be6c6d3d9adda5
Telaen 1.3.0 XSS / Open Redirection / Disclosure
Posted Jun 4, 2013
Authored by Manuel Garcia Cardenas | Site isecauditors.com

Telaen versions 1.3.0 and below suffer from cross site scripting, open redirection, and path disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
advisories | CVE-2013-2621, CVE-2013-2623, CVE-2013-2624
MD5 | 5d8f7bef930e6b0ddf12a1715d262f6d
SSLsplit 0.4.6
Posted Jun 4, 2013
Site roe.ch

SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. Connections are transparently intercepted through a network address translation engine and redirected to SSLsplit. SSLsplit terminates SSL/TLS and initiates a new SSL/TLS connection to the original destination address, while logging all data transmitted. SSLsplit is intended to be useful for network forensics and penetration testing.

Changes: This bugfix release fixes a bug in passthrough mode (-P) when no matching certificate is found for a connection (issue 9) and a bug in binding to ports less than 1024 with default settings (issue 8). Additionally, it works around a bug in OpenSSL 1.0.0k and 1.0.1e which caused a segmentation fault when loading certificates or keys.
tags | encryption
MD5 | 60612a7068dcddedafc6b0adc83f0c0b
PHD Help Desk 2.12 SQL Injection
Posted Jun 4, 2013
Authored by drone

PHD Help Desk version 2.12 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 8a47292cb45d78061617db6d3fffe2f8
Access Road 0.7.3
Posted Jun 4, 2013
Authored by Patrick Thazard

Access Road is a universal simulator of access controls that is intended to improve design and auditing of IT security. It provides simulations of GNU/Linux (components and rights on the file system), MySQL Server (components and privileges), and a generic Role-Based-Access-Control application. It is designed for database, system, and application administrators, IT architects and developers, and auditors. Reliability and the ability to explain the results are the main objectives. A 50 page tutorial is provided, and a powerful framework allows new simulations to be added. This is the source release.

Changes: This major release improves the management of the user identity, the modeling of the structural relations, and the communications between the simulated software.
tags | tool
systems | linux, unix
MD5 | 0f4de108b9f7d627b39a4a79a33e289d
Seowonintech Routers Remote Root File Dumper
Posted Jun 4, 2013
Authored by Todor Donev

This exploit dumps an arbitrary file from the filesystem with root level permissions on Seowonintech routers with firmware less than and equal to 2.3.9.

tags | exploit, arbitrary, root
MD5 | 882db10f89b958c7c4bfc4f1a67f6879
Page 1 of 1

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    18 Files
  • 22
    Oct 22nd
    10 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2020 Packet Storm. All rights reserved.

Security Services
Hosting By